Story image

Two of three Australian SMBs became victims of cyber-attacks over the past year

By Ryan Morris-Reade, Thu 21 Oct 2021

SMBs in Asia Pacific are more worried about cybersecurity threats than before, research finds. 

The new study by Cisco found 65% of Australian SMBs suffered a cyber incident in the past 12 months. Two out of three say cyber incidents in the past year cost their business $645K or more. Malware was the most prevalent cyber threat experienced, affecting 88% of Australian SMBs.  

Cisco says the COVID-19 pandemic has fuelled a critical need to invest in technology solutions and capabilities among organisations of all sizes. In the beginning, this was to survive, and now companies invest to thrive in the new normal. 

"As Australian SMBs continue to digitise, with 85% having a digitalisation roadmap in place, cyber threats are mirroring the pace of digitalisation, with 77% of Australian SMBs more worried about cybersecurity now than 12 months ago," says Cisco.

According to the survey, SMBs saw several ways in which attackers tried to infiltrate their systems. Malware attacks (88%) topped the charts, followed by Phishing (70%) and Denial of Service, which affected 64% of Australian SMBs.  

The top highlighted cause was cybersecurity solutions not being adequate to detect or prevent the attack. Over a third (37%) of those that suffered incidents ranked this as the top factor. While 32% ranked not having cybersecurity solutions as the number one reason.  

These incidents are having a tangible impact on business. Of those that suffered cyber incidents in the past year, one in three Australian SMBs says they have cost their business more than $1.3 million. 

But SMBs across the region are not giving up. The study highlights they are taking strategic measures such as carrying out simulation exercises to improve their cybersecurity posture. According to the survey, 85% of Australian SMBs have completed scenario planning or simulations for potential cybersecurity incidents in the past 12 months. Eighty-five percent of the SMBs who did the simulation exercises say they uncovered weak points or issues in cyber defences. 

"The accelerated pace of digitalisation over the last 18 months has fuelled a critical need for SMBs to invest in solutions and capabilities to ensure they are safeguarding themselves on the cybersecurity front," says Cisco ANZ head of Small Business and the Partner Organisation, Luke Power.

"This is because the more digital they become, the more attractive a target they are for malicious actors. While the growing cybersecurity concerns among SMBs may be seen as negative by some, it's an encouraging sign. It demonstrates increased awareness and understanding of cyber risks, which is the first step in improving the security posture. 

"From the Australian data, we can see there are high levels of scenario planning and preparation from SMBs. This needs to continue," he says.

The report highlights five recommendations that organisations of all sizes can employ to improve their cybersecurity posture:  

  • Having frequent discussions with senior leaders and all stakeholders. 
  • Taking a simplified, integrated approach to cybersecurity.
  • Staying prepared through conducting real-world simulations.  
  • Training and educating employees.
  • Working with the right technology partner.   

Commissioned by Cisco and conducted by Dynata, the Cybersecurity for SMBs: Asia Pacific Businesses Prepare for Digital Defence study is a double-blinded survey of over 3,700 business and IT leaders with cybersecurity responsibilities across 14 markets in Asia Pacific. It explores the evolving cybersecurity challenges facing SMBs in Australia and the APJC region, how SMB leaders approach cyber preparedness and recommendations for improving it. 

Recent stories
More stories